
Almost 80% of the Top 50 Free Apps in Google Play have Fake versions

in Security, 19/08/2014

As the number of mobile users continues to grow, the number of fake apps also grows at an alarming rate. According to a Trend Micro survey of the Top 50 free apps in Google Play, almost 80% have corresponding fake versions on third-party sources. Even more alarming, 100% of those in the Widgets, Media & Video, and Finance categories have fake versions.

As of April this year, 59,185 of the 890,482 sample fake apps discovered were aggressive adware, while another 394,263 were malware, reveals Trend Micro. Among all the fake apps, 50% were malicious.

There are two major types of fake apps. The first is “rogue apps,” the most common being rogue antivirus apps such as Virus Shield, which sold for US$3.99 on Google Play and claimed to provide real-time scanning and personal data protection. It received a 4.7-star rating after being downloaded more than 10,000 times in just one week after it was made available. Unfortunately, the app was discovered to be totally fake and offered no protection whatsoever. Research showed that most of its downloads were done by botnet computers. Still, thousands of users had already been scammed and suffered financial losses before the app was taken down by Google Play.

[Fake] Virus Shield’s purchase page on Google Play

The second major type of fake app is the “repackaged app.” These repackage popular apps and pose as the original to attract user downloads. Some repackaged apps are “trojanized apps,” which contain malicious behaviors and are becoming a standard tool for cyber-attacks. Games, financial apps, and instant-messaging apps are the most frequent targets of repackaging.

Flappy Bird was one of the hottest game apps in Q1 2014 and was downloaded over 50 million times before it was suddenly pulled down by its developer. The sudden pull-down triggered tremendous interest online and prompted cybercriminals to create trojanized versions of the app. One of the trojanized versions asked the user for permission to send text messages, which could cause the user’s phone bill to skyrocket.

Trojanized banking apps usually replace well-known banking apps installed from Google Play with corresponding trojanized versions, which help cybercriminals launch phishing attacks against users by stealing the victim’s financial information, causing tremendous losses for the victim.

The most notable case of trojanized instant-messaging apps is the fake versions of BlackBerry Messenger (BBM). Right before BlackBerry made its app available on Google Play a few months ago, trojanized versions of BBM were released to the public to take advantage of the anticipation for the release of BBM for Android. The repackaged apps received over 100,000 downloads. These apps, however, exhibited aggressive adware behaviors and were subsequently taken down by Google Play.